d249620f5b0a51d779781066f1cfb152_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d249620f5b0a51d779781066f1cfb152_JaffaCakes118
Size

7.5MB
MD5

d249620f5b0a51d779781066f1cfb152
SHA1

2ef7234666614f27bd51f4acbdba7ddb99e6aea0
SHA256

64a4e059ef351fe373d896defaefe828b247154eff58173e46b1cc79022e02b3
SHA512

60fc8a068229f399968c5d3ba96c8a79d7cd3c0b72822995cf8442f0e0419eee4ac2014086b41098f5956c251f6bb8910c7f22e59de4cdb3a314a1f1ebfd2962
SSDEEP

196608:g5IyDdWlKAb5Zg3GkuRj3tCGkqUnQCDXmnF6KFxb:gn5W0A2eRj3tHkqUnQemnF6Cb

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 7 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

d249620f5b0a51d779781066f1cfb152_JaffaCakes118
.apk android

com.alienmanfc6.wheresmyandroid

com.alienmanfc6.wheresmyandroid.Main

Activities

com.alienmanfc6.wheresmyandroid.Main

android.intent.action.MAIN

com.alienmantech.calc.Calculator

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.FLASHLIGHT
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.USE_CREDENTIALS
com.android.vending.BILLING
android.permission.READ_EXTERNAL_STORAGE
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.alienmanfc6.wheresmyandroid.receivers.UpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.alienmanfc6.wheresmyandroid.receivers.BootReceiver

android.intent.action.BOOT_COMPLETED

com.alienmanfc6.wheresmyandroid.receivers.ShutdownReceiver

android.intent.action.ACTION_SHUTDOWN
android.intent.action.REBOOT

com.alienmanfc6.wheresmyandroid.receivers.BatteryReceiver

android.intent.action.BATTERY_LOW
android.intent.action.BATTERY_OKAY

com.alienmanfc6.wheresmyandroid.receivers.UsbReceiver

android.hardware.usb.action.USB_DEVICE_ATTACHED
android.hardware.usb.action.USB_ACCESSORY_ATTACHED
android.hardware.usb.action.USB_STATE

com.alienmanfc6.wheresmyandroid.receivers.AirplaneModeReceiver

android.intent.action.AIRPLANE_MODE

com.alienmanfc6.wheresmyandroid.DeviceAdmin$DeviceAdminWMDReceiver

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED

com.cuebiq.cuebiqsdk.receiver.CoverageReceiver

android.location.PROVIDERS_CHANGED
android.intent.action.BOOT_COMPLETED

io.mysdk.locs.xdk.work.workers.loc.LocUpdateReceiver

locationUpdateKey

io.mysdk.beacons.init.BeaconInitReceiver

beaconInitKey

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.geolocstation.WakeUp

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.MY_PACKAGE_REPLACED

com.geolocstation.LocationReceiver

com.geolocstation.LOCATION_READY

com.geolocstation.LocationNativeReceiver

com.geolocstation.LOCATION_READY

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.alienmanfc6.wheresmyandroid.receivers.FcmListenerService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

d249620f5b0a51d779781066f1cfb152_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.FLASHLIGHT

android.permission.INTERNET

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.CAMERA

android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.USE_CREDENTIALS

com.android.vending.BILLING

android.permission.READ_EXTERNAL_STORAGE

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Sharing

General

Malware Config

Signatures

Files

com.alienmanfc6.wheresmyandroid

com.alienmanfc6.wheresmyandroid.Main

Activities

com.alienmanfc6.wheresmyandroid.Main

com.alienmantech.calc.Calculator

Permissions

Receivers

com.alienmanfc6.wheresmyandroid.receivers.UpdateReceiver

com.alienmanfc6.wheresmyandroid.receivers.BootReceiver

com.alienmanfc6.wheresmyandroid.receivers.ShutdownReceiver

com.alienmanfc6.wheresmyandroid.receivers.BatteryReceiver

com.alienmanfc6.wheresmyandroid.receivers.UsbReceiver

com.alienmanfc6.wheresmyandroid.receivers.AirplaneModeReceiver

com.alienmanfc6.wheresmyandroid.DeviceAdmin$DeviceAdminWMDReceiver

com.cuebiq.cuebiqsdk.receiver.CoverageReceiver

io.mysdk.locs.xdk.work.workers.loc.LocUpdateReceiver

io.mysdk.beacons.init.BeaconInitReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.geolocstation.WakeUp

com.geolocstation.LocationReceiver

com.geolocstation.LocationNativeReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.alienmanfc6.wheresmyandroid.receivers.FcmListenerService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

d249620f5b0a51d779781066f1cfb152_JaffaCakes118